On Thursday 29 Dec 2011 10:03:01 Mick wrote:
> On Thursday 29 Dec 2011 04:46:26 you wrote:
> > PUT such comments. You can avoid editing a copy by:
> > awk '/-BEGIN/,/-END/' filewithextra | openssl asn1parse
> >
> > on any *nix, and on Windows if you add an awk port.
>
> Just tried this and all
On Thursday 29 Dec 2011 04:46:26 you wrote:
> > From: owner-openssl-us...@openssl.org On Behalf Of Mick
> > Sent: Monday, 26 December, 2011 14:01
>
>
>
> > I seem to have overcome the original problem. Now both the
> > cacert and signed
> > client certificates are formatted in the same way. I
> From: owner-openssl-us...@openssl.org On Behalf Of Mick
> Sent: Monday, 26 December, 2011 14:01
> I seem to have overcome the original problem. Now both the
> cacert and signed
> client certificates are formatted in the same way. I used -policy
> policy_anything to avoid complaints from o
On Friday 16 Dec 2011 18:31:01 you wrote:
> Le 16/12/2011 18:45, Mick a écrit :
> > Since I cannot change the router firmware, what should I change the
> > 'string_mask = ' on the PC to agree with the router?
>
> My understanding is that string_mask is used when producing an object
> (request or
On Monday 19 Dec 2011 06:45:13 Mick wrote:
> On Sunday 18 Dec 2011 18:10:55 Mick wrote:
> > On Friday 16 Dec 2011 18:31:01 you wrote:
> > > Le 16/12/2011 18:45, Mick a écrit :
> > > [...]
> > >
> > > > Since I cannot change the router firmware, what should I change the
> > > > 'string_mask = ' on
On Sunday 18 Dec 2011 18:10:55 Mick wrote:
> On Friday 16 Dec 2011 18:31:01 you wrote:
> > Le 16/12/2011 18:45, Mick a écrit :
> > [...]
> >
> > > Since I cannot change the router firmware, what should I change the
> > > 'string_mask = ' on the PC to agree with the router?
> >
> > My understandi
On Friday 16 Dec 2011 18:31:01 you wrote:
> Le 16/12/2011 18:45, Mick a écrit :
> [...]
> > Since I cannot change the router firmware, what should I change the
> > 'string_mask = ' on the PC to agree with the router?
>
> My understanding is that string_mask is used when producing an object
> (re
Bohm"
Sent: Friday, December 16, 2011 1:04:49 PM
Subject: Re: [openssl-users] Re: stateOrProvinceName field problem when signing
CSR
Le 16/12/2011 18:27, Jakob Bohm a écrit :
> On 12/16/2011 6:14 PM, Erwann Abalea wrote:
>> Le 16/12/2011 17:57, Mick a écrit :
>>> On Fri
Le 16/12/2011 19:07, Jakob Bohm a écrit :
On 12/16/2011 6:47 PM, Erwann Abalea wrote:
Le 16/12/2011 16:29, Jakob Bohm a écrit :
On 12/16/2011 3:22 PM, Erwann Abalea wrote:
NameConstraints is a set of constraints imposed on the semantic
value of the name elements, not on their encoding (string
Le 16/12/2011 18:45, Mick a écrit :
[...]
Indeed, the message was rather esoteric and it did not offer a way out - e.g.
it could have advised to change "match" to "supplied" in openssl.cnf, or to
ensure that the encoding between the CSR and ca is the same.
I think what confused me is that by upl
On 12/16/2011 6:47 PM, Erwann Abalea wrote:
Le 16/12/2011 16:29, Jakob Bohm a écrit :
On 12/16/2011 3:22 PM, Erwann Abalea wrote:
Le 16/12/2011 15:07, Jakob Bohm a écrit :
I think we may have a bug here, anyone from the core team
wish to comment on this.
The apparent bug:
When enforcing the
Le 16/12/2011 18:27, Jakob Bohm a écrit :
On 12/16/2011 6:14 PM, Erwann Abalea wrote:
Le 16/12/2011 17:57, Mick a écrit :
On Friday 16 Dec 2011 16:23:52 you wrote:
man req
Then look for the "-utf8" argument.
I took your example below, added "-utf8" argument, and it worked.
You can display the
8 command.
Lou Picciano
- Original Message -
From: "Jakob Bohm"
To: openssl-users@openssl.org
Sent: Friday, December 16, 2011 12:27:42 PM
Subject: Re: [openssl-users] Re: stateOrProvinceName field problem when signing
CSR
On 12/16/2011 6:14 PM, Erwann Abalea wrote:
> Le 1
Le 16/12/2011 16:29, Jakob Bohm a écrit :
On 12/16/2011 3:22 PM, Erwann Abalea wrote:
Le 16/12/2011 15:07, Jakob Bohm a écrit :
I think we may have a bug here, anyone from the core team
wish to comment on this.
The apparent bug:
When enforcing the "match" policy for a DN part, openssl reports
On Friday 16 Dec 2011 17:27:42 you wrote:
> On 12/16/2011 6:14 PM, Erwann Abalea wrote:
> > Le 16/12/2011 17:57, Mick a écrit :
> >> On Friday 16 Dec 2011 16:23:52 you wrote:
> >>> man req
> >>> Then look for the "-utf8" argument.
> >>>
> >>> I took your example below, added "-utf8" argument, and
On 12/16/2011 6:14 PM, Erwann Abalea wrote:
Le 16/12/2011 17:57, Mick a écrit :
On Friday 16 Dec 2011 16:23:52 you wrote:
man req
Then look for the "-utf8" argument.
I took your example below, added "-utf8" argument, and it worked.
You can display the content with "openssl req -text -noout -in
Le 16/12/2011 17:57, Mick a écrit :
On Friday 16 Dec 2011 16:23:52 you wrote:
man req
Then look for the "-utf8" argument.
I took your example below, added "-utf8" argument, and it worked.
You can display the content with "openssl req -text -noout -in
blabla.pem -nameopt multiline,utf8,-esc_msb"
On Friday 16 Dec 2011 16:23:52 you wrote:
> man req
> Then look for the "-utf8" argument.
>
> I took your example below, added "-utf8" argument, and it worked.
> You can display the content with "openssl req -text -noout -in
> blabla.pem -nameopt multiline,utf8,-esc_msb"
Would using -utf8 resolve
man req
Then look for the "-utf8" argument.
I took your example below, added "-utf8" argument, and it worked.
You can display the content with "openssl req -text -noout -in
blabla.pem -nameopt multiline,utf8,-esc_msb"
Le 16/12/2011 16:33, Lou Picciano a écrit :
openssl req -new -sha1 -nodes
On 12/16/2011 3:22 PM, Erwann Abalea wrote:
Le 16/12/2011 15:07, Jakob Bohm a écrit :
I think we may have a bug here, anyone from the core team
wish to comment on this.
The apparent bug:
When enforcing the "match" policy for a DN part, openssl reports an
error if the CSR has used a different s
Le 16/12/2011 15:07, Jakob Bohm a écrit :
I think we may have a bug here, anyone from the core team
wish to comment on this.
The apparent bug:
When enforcing the "match" policy for a DN part, openssl reports an
error if the CSR has used a different string type for the field, but the
correct val
21 matches
Mail list logo